|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: [snort] snort uses obsolete (PF_INET,SOCK_PACKET)
From: CyberPsychotic (fygrave
epr0.org)Date: Sat Mar 04 2000 - 13:55:34 CST
- Next message: CyberPsychotic: "Re: [snort] Beta 10.2 (w' Tru64 support) ready [CVS & WWW]"
- Previous message: Martin Roesch: "Re: [snort] Anybody got a clue"
- In reply to: Christian Hammers: "[snort] snort uses obsolete (PF_INET,SOCK_PACKET)"
- Next in thread: CyberPsychotic: "Re: [snort] snort uses obsolete (PF_INET,SOCK_PACKET)"
- Reply: CyberPsychotic: "Re: [snort] snort uses obsolete (PF_INET,SOCK_PACKET)"
- Reply: CyberPsychotic: "Re: [snort] snort uses obsolete (PF_INET,SOCK_PACKET)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
~ :
~ :Is this error message important?
~ :
not really, SOCK_PACKET still works on 2.2 kernels. but you can update
your libpcap (which actually causes this) if you want. I am not sure if
tcpdump.org dudes have it fixed in their version, but a friend of mine
did. I guess I have already given the link to his page:
http://www.cs.uni-potsdam.de/homepages/students/linuxer/, but it would be
worth to give it again, he has added some cool feature to libpcap:
devicename called `any'. (which would let you to monitor all devices on
linux). It should work flawlessly with snort too, if the datalink is the
same on all of them. :)
- Next message: CyberPsychotic: "Re: [snort] Beta 10.2 (w' Tru64 support) ready [CVS & WWW]"
- Previous message: Martin Roesch: "Re: [snort] Anybody got a clue"
- In reply to: Christian Hammers: "[snort] snort uses obsolete (PF_INET,SOCK_PACKET)"
- Next in thread: CyberPsychotic: "Re: [snort] snort uses obsolete (PF_INET,SOCK_PACKET)"
- Reply: CyberPsychotic: "Re: [snort] snort uses obsolete (PF_INET,SOCK_PACKET)"
- Reply: CyberPsychotic: "Re: [snort] snort uses obsolete (PF_INET,SOCK_PACKET)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]